package com.lzy.wzy.config;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.io.ClassPathResource;
import org.springframework.data.redis.connection.RedisConnectionFactory;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.oauth2.provider.ClientDetailsService;
import org.springframework.security.oauth2.provider.token.*;
import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;
import org.springframework.security.oauth2.provider.token.store.KeyStoreKeyFactory;
import org.springframework.security.oauth2.provider.token.store.redis.RedisTokenStore;

import javax.annotation.Resource;
import java.security.KeyPair;
import java.util.ArrayList;
import java.util.List;

@Configuration
public class JwtTokenAuthConfig {
    @Autowired
    private MyTokenEnhancer myTokenEnhancer;

    @Autowired
    private UserDetailsService userDetailsService;


    @Autowired
    private RedisConnectionFactory redisConnectionFactory;

    @Bean(name = "jwtTokenStoreAuth")
    public TokenStore jwtTokenStoreAuth(){
        return new JwtTokenStore(jwtAccessTokenConverterAuth());
    }


    @Bean("redisTokenStore")
    public RedisTokenStore redisTokenStore(RedisConnectionFactory redisConnectionFactory){
        RedisTokenStore redisTokenStore = new RedisTokenStore(redisConnectionFactory);
        redisTokenStore.setPrefix("auth_token:");
        return redisTokenStore;
    }

    @Bean(name = "jwtAccessTokenConverterAuth")
    public JwtAccessTokenConverter jwtAccessTokenConverterAuth(){
        JwtAccessTokenConverter jwtAccessTokenConverter = new JwtAccessTokenConverter();
        DefaultAccessTokenConverter defaultAccessTokenConverter = new DefaultAccessTokenConverter();
        DefaultUserAuthenticationConverter userAuthenticationConverter = new DefaultUserAuthenticationConverter();
        userAuthenticationConverter.setUserDetailsService(userDetailsService);
        defaultAccessTokenConverter.setUserTokenConverter(userAuthenticationConverter);
        jwtAccessTokenConverter.setAccessTokenConverter(defaultAccessTokenConverter);
        //jwtAccessTokenConverter.setSigningKey("wylwzy");
        ClassPathResource resource = new ClassPathResource("oauth-jwt.jks");
        KeyStoreKeyFactory keyFactory = new KeyStoreKeyFactory(resource, "wzy666".toCharArray());
        KeyPair keyPair = keyFactory.getKeyPair("wzy");
        jwtAccessTokenConverter.setKeyPair(keyPair);
        return jwtAccessTokenConverter;
    }
    /**
     * 配置令牌管理
     */
    @Bean
    public AuthorizationServerTokenServices authorizationServerTokenServices(ClientDetailsService clientDetailsService) {
        DefaultTokenServices service = new DefaultTokenServices();
        service.setClientDetailsService(clientDetailsService);
        service.setSupportRefreshToken(true);
        service.setReuseRefreshToken(true);
        service.setTokenStore(jwtTokenStoreAuth());
        TokenEnhancerChain tokenEnhancerChain = new TokenEnhancerChain();
        List<TokenEnhancer> list=new ArrayList<>();
        list.add(myTokenEnhancer);
        list.add(jwtAccessTokenConverterAuth());
        tokenEnhancerChain.setTokenEnhancers(list);
        service.setTokenEnhancer(tokenEnhancerChain);
        return service;
    }

}
